Since the recent revelations of the NSA’s sweeping surveillance of the public’s metadata, the term “metadata” has been regularly used in the media, frequently without any explanation of its meaning. Metadata’s reach can be extensive – including information that reveals the time and duration of a communication, the particular devices used, email addresses, or numbers contacted, which kinds of communications services were used, and at what geolocations. And since virtually every device we use has a unique identifying number, our communications and Internet activities may be linked and traced with relative ease – ultimately back to the individuals involved.

All this metadata is collected and retained by communications service providers for varying periods of time and, for legitimate business purposes. Key questions arise, however, including who else has access to all this information, and for what purposes? Senior U.S. government officials have been defending their sweeping and systemic seizure of the public’s personal communications on the basis that it is “only metadata.” They say it is neither sensitive nor privacy-invasive since it does not access any of the content contained in the associated communications.

A Primer on Metadata: Separating Fact from Fiction, explains that metadata can actually be more revealing than accessing the content of our communications. The paper aims to provide a clear understanding of metadata and disputes popular claims that the information being captured is neither sensitive, nor privacy-invasive, since it does not access any content. Given the implications for privacy and freedom, it is critical that we all question the dated, but ever-so prevalent either/or, zero-sum mindset to privacy vs. security. Instead, what is needed are proactive measures designed to provide for both security and privacy, in an accountable and transparent manner.